Side by Side Diff: modules/nginx/manifests/init.pp
Issue 29321355:
Issue 2600 - Normalize ownership and priviliges for Nginx logs (Closed)
Patch Set: Approach using two execs and find
Created July 6, 2015, 4:14 p.m.
| Left: | ||
| Right: |
Use n/p to move between diff chunks;
N/P to move between comments.
« no previous file with comments
|
« no previous file
|
no next file »
|
no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
| OLD | NEW |
|---|---|
| 1 class nginx ( | 1 class nginx ( |
| 2 $worker_processes = $nginx::params::worker_processes, | 2 $worker_processes = $nginx::params::worker_processes, |
| 3 $worker_connections = $nginx::params::worker_connections, | 3 $worker_connections = $nginx::params::worker_connections, |
| 4 $ssl_session_cache = $nginx::params::ssl_session_cache | 4 $ssl_session_cache = $nginx::params::ssl_session_cache |
| 5 ) inherits nginx::params { | 5 ) inherits nginx::params { |
| 6 | 6 |
| 7 apt::source {'nginx': | 7 apt::source {'nginx': |
| 8 location => "http://nginx.org/packages/ubuntu", | 8 location => "http://nginx.org/packages/ubuntu", |
| 9 repos => "nginx", | 9 repos => "nginx", |
| 10 key => "7BD9BF62", | 10 key => "7BD9BF62", |
| (...skipping 101 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 112 require => File["/etc/nginx/sites-available/${domain}"], | 112 require => File["/etc/nginx/sites-available/${domain}"], |
| 113 content => template('nginx/logrotate.erb') | 113 content => template('nginx/logrotate.erb') |
| 114 } | 114 } |
| 115 } | 115 } |
| 116 | 116 |
| 117 file {'/etc/logrotate.d/nginx': | 117 file {'/etc/logrotate.d/nginx': |
| 118 source => 'puppet:///modules/nginx/logrotate', | 118 source => 'puppet:///modules/nginx/logrotate', |
| 119 require => Package['nginx'] | 119 require => Package['nginx'] |
| 120 } | 120 } |
| 121 | 121 |
| 122 $log_path = '/var/log/nginx' | |
| 123 | |
| 124 $user_quoted = shellquote($nginx::params::user) | |
| 125 $chown_find_cmd_base = "find ${log_path} -mindepth 1 -maxdepth 1 -type f \( \! -user ${user_quoted} -o \! -group adm \)" | |
| 126 $chown_cmd = "$chown_find_cmd_base -ls -exec chown ${user_quoted}.adm {} \;" | |
| 127 $chown_onlyif_cmd = "test $(${chown_find_cmd_base} -print |wc -l) -gt 0" | |
| 128 exec {"set_logfiles_owner": | |
| 129 command => $chown_cmd, | |
| 130 onlyif => $chown_onlyif_cmd, | |
| 131 path => '/bin:/usr/bin', | |
|
mathias
2015/07/09 14:28:47
Please use "/usr/bin:/bin".
| |
| 132 require => Package['nginx'], | |
| 133 } | |
| 134 | |
| 135 $chmod_find_cmd_base = "find ${log_path} -mindepth 1 -maxdepth 1 -type f \! -p erm 0640" | |
| 136 $chmod_cmd = "$chmod_find_cmd_base -ls -exec chmod 0640 {} \;" | |
| 137 $chmod_onlyif_cmd = "test $(${chmod_find_cmd_base} -print |wc -l) -gt 0" | |
| 138 exec {"set_logfiles_permissions": | |
| 139 command => $chmod_cmd, | |
| 140 onlyif => $chmod_onlyif_cmd, | |
| 141 path => '/bin:/usr/bin', | |
|
mathias
2015/07/09 14:28:47
It may actually be easier to use a class-wide `Exe
| |
| 142 require => Package['nginx'], | |
| 143 } | |
| 144 | |
| 122 service {'nginx': | 145 service {'nginx': |
| 123 ensure => running, | 146 ensure => running, |
| 124 enable => true, | 147 enable => true, |
| 125 restart => '/etc/init.d/nginx reload', | 148 restart => '/etc/init.d/nginx reload', |
| 126 hasstatus => true, | 149 hasstatus => true, |
| 127 require => File['/etc/nginx/nginx.conf'] | 150 require => File['/etc/nginx/nginx.conf'] |
| 128 } | 151 } |
| 129 } | 152 } |
| OLD | NEW |
« no previous file with comments
|
« no previous file
|
no next file »
|
no next file with comments »
